The invention relates to method and system for enhancing computer network security. The method includes receiving a plurality of requests from client devices to avail a plurality of responses from services running on servers; determining a URL pattern for each of the plurality of requests based on URL associated with that request; determining a request data signature for each of the plurality of requests or a response data signature for each of the plurality of responses based on a set of request parameters associated with that request or based on a set of response parameters associated with that response, respectively, using a first machine learning model; and determining an authenticity of each of the plurality of requests based on the URL pattern and the data signature associated with that request, or an authenticity of each of the plurality of responses based on the data signature associated with that response.
Legal claims defining the scope of protection, as filed with the USPTO.
2. The method of claim 1, wherein the set of request parameters and the set of response parameters are indicative of meta information associated with a request and a response, respectively, and wherein the meta information comprises at least one of a data size, an identification of a user agent, a geographical location, a Multipurpose Internet Mail Extensions (MIME) type, a content, a cookie, an authentication credentials, a cache, a user role and permission.
4. The method of claim 1, wherein determining the request data signature further comprises predicting an aberration tag or a corruption tag for each of the plurality of requests based on a value of each of the set of request parameters, and wherein determining the response data signature further comprises predicting an aberration tag or a corruption tag for each of the plurality of responses based on a value of each of the set of response parameters.
5. The method of claim 1, wherein the URL pattern for each of the plurality of requests is determined using one of a rule engine, a knowledge base, or a second machine learning model.
7. The method of claim 1, further comprising performing a preventive action corresponding to the potential security vulnerability, wherein the preventive action comprises blocking at least one of the plurality of requests or at least one of the plurality of responses based on the authenticity of the at least one of the plurality of requests or based on the authenticity of the at least one of the plurality of responses, respectively.
9. The API gateway of claim 8, wherein the set of request parameters and the set of response parameters are indicative of meta information associated with a request and a response, respectively, and wherein the meta information comprises at least one of a data size, an identification of a user agent, a geographical location, a Multipurpose Internet Mail Extensions (MIME) type, a content, a cookie, an authentication credentials, a cache, a user role and permission.
11. The API gateway of claim 8, wherein the processor-executable instructions, on execution, further cause the processor to determine the request data signature by predicting an aberration tag or a corruption tag for each of the plurality of requests based on a value of each of the set of request parameters and to determine the response data signature by predicting an aberration tag or a corruption tag for each of the plurality of responses based on a value of each of the set of response parameters.
12. The API gateway of claim 8, wherein the processor-executable instructions, on execution, cause the processor to determine the URL pattern for each of the plurality of requests by using one of a rule engine, a knowledge base, or a second machine learning model.
14. The API gateway of claim 8, wherein the processor-executable instructions, on execution, further cause the processor to perform a preventive action corresponding to the potential security vulnerability, wherein the preventive action comprises blocking at least one of the plurality of requests or at least one of the plurality of responses based on the authenticity of the at least one of the plurality of requests or based on the authenticity of the at least one of the plurality of responses, respectively.
17. The non-transitory computer-readable medium of the claim 15, wherein the computer-executable instructions are further configured to determine the request data signature by predicting an aberration tag or a corruption tag for each of the plurality of requests based on a value of each of the set of request parameters and to determine the response data signature by predicting an aberration tag or a corruption tag for each of the plurality of responses based on a value of each of the set of response parameters.
18. The non-transitory computer-readable medium of the claim 15, wherein the computer-executable instructions are further configured to determine the URL pattern for each of the plurality of requests by using one of a rule engine, a knowledge base, or a second machine learning model.
20. The non-transitory computer-readable medium of the claim 15, wherein the computer-executable instructions are further configured to perform a preventive action corresponding to the potential security vulnerability, wherein the preventive action comprises blocking at least one of the plurality of requests or at least one of the plurality of responses based on the authenticity of the at least one of the plurality of requests or based on the authenticity of the at least one of the plurality of responses, respectively.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
March 16, 2022
December 31, 2024
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.